KR20170052589A - Mapping account information to server authentication - Google Patents

Abstract

An authentication prompt issued from the server is detected, and previously entered account information is accessed on the user device. A selectable display element corresponding to each set of entered account information is displayed. A user selection or operation of a given display element is received and the account information is retrieved and used to log on to the server issuing the authentication prompt.

Description

[0002] MAPPING ACCOUNT INFORMATION TO SERVER AUTHENTICATION [0003]

Computer systems are now widely used. Many computer systems use an authentication mechanism to allow users to access specific information.

For example, users often use computers (e.g., desktop computers, laptop computers, mobile devices, etc.) to access information on various servers. When accessing information on various servers, users often connect to all other servers using a relatively small set of credentials. Many authentication systems require the user to repeatedly enter username and password information (e.g., account information) to access information on other servers (e.g., for each different server). This can result in a relatively unsatisfactory user experience.

Mobile devices are also now widely used. Mobile devices often have a relatively small display screen. This can aggravate the problem associated with repeatedly entering passwords. The user experience becomes more difficult because it is difficult to enter the password correctly on a small screen device.

Cloud computing is also now widely used. The problem with repeatedly entering account information is exacerbated as users increasingly utilize cloud computing. For example, a user can have a document management system in one cloud (or one remote server environment) and an e-mail system in another cloud (or other remote server environment). This may mean that the user must repeatedly enter the credentials to access the document or access the e-mail.

The above discussion is provided solely for general background information and is not intended to help determine the scope of the claimed subject matter.

An authentication prompt issued from the server is detected, and previously entered account information is accessed on the user device. A selectable display element corresponding to each set of previously entered account information is displayed. A user selection or operation of a given display element is received and the account information is retrieved and used to log on to the server that issued the authentication prompt.

This summary is provided to introduce in simplified form selected concepts that are further described below in the Detailed Description. This summary is not intended to identify key features or essential functions of the claimed subject matter and is not intended to help determine the scope of the subject matter claimed. The claimed subject matter is not limited to implementations that address any or all of the disadvantages mentioned in the background.

1 is a block diagram of an example of a multiple server architecture.
Figures 2-1 and 2-2 (collectively, Figure 2) are flow charts illustrating an example of the operation of an account picker system.
Figures 2A and 2B show an example of a user interface display.
3 is a flow diagram illustrating an example of the operation of the account picker system when a user is allowed to associate account information with a server.
Figures 3A-3F illustrate examples of various user interface displays.
Figure 4 illustrates an example in which the architecture shown in Figure 1 is deployed in a cloud computing architecture.
Figures 5-7 illustrate various examples of mobile devices.
Figure 8 is a block diagram of an example of a computing environment.

1 is a block diagram of an example of a multiple server architecture 100. As shown in FIG. The architecture 100 includes, for example, a set of different server systems 102-104. Different server systems may have one or more servers hosting various applications, sites, systems, and the like.

Figure 1 also shows a mobile device 106 that accesses the server system 102-104 via the network 108. [ The user device 106 creates a user interface display 110 having a user input mechanism 112 for interaction by, for example, The user 114 interacts with the user input mechanism 112 to, for example, control and manipulate the mobile device 106 and access information on the server system 102-104.

1, the mobile device 106 may include a processor 116, a display device 118, other user input mechanisms 120 (e.g., a button, a touch screen, a switch, etc.) (E.g., a plurality of different sets of server account information 126-128 and mappings 125), an account picker system 130, a security component 132, User interface component 134, communication system 136, and may include other items 138 as well. Before describing the overall operation of the architecture 100 in more detail, a brief overview of some of the items of the architecture 100 will first be provided.

The processor 116 of the mobile device 108 executes the application 122 that allows the user 114 to access information on the different server systems 102-104, for example. For example, applications 122 may be used by a user 114 from a document management system located in one of the server systems 102-104 to provide a user with a word processing document, a presentation document, a spreadsheet document, Lt; RTI ID = 0.0 > accesses. ≪ / RTI > The application 122 may also include a messaging application that allows the user 114 to access a messaging system located on another server system 102-104 (e. G., An email system, etc.) have. In one example, the user 114 has at least one set of account information that the user 114 must input when accessing the information on each server system 102-104. The account may include account information such as a user name and password or other authentication information.

The communication system 136 allows, for example, the user 114 to communicate with other users using the mobile device 106. The communication system may be, in particular, a cellular communication system, various types of messaging systems. More examples of these are described below in connection with FIG.

The account picker system 130 includes, for example, an authentication detector 140, a picking component 142, an account / server mapping component 144, an automatic login component 146, an account filter component 148, (150). If the authentication detector 140 detects that the user is requesting authentication information from a given server, the picking component 142 accesses the mapping 125 in the data store 124 to allow the user 114 to issue an authentication prompt Determine whether you already have any account information associated with a given server. If so, the picking component 142 accesses the associated account information and authenticates to the server using the account information. The user interface component 134 generates a user interface display for the user 114 to authenticate the user (e. G., If the authentication fails because the account information is invalid or because there is no valid mapping of account information for that server) 114 lists the various sets of account information previously selected and entered for authentication. In one example, the account filter component 148 may filter its account information based on various filter criteria, some of which are described below. The user 114 may simply select a set of account information to use to log into a given server and the automatic login component 148 automatically logs in to the given server via the authentication prompt using the account information selected by the user. The selected account information is mapped to the server in the mapping 125. The account information may include credentials, account numbers, user names, passwords, and / or other information.

If the user 114 does not associate any account information with any server or if the user wants to enter a completely new credential, the account / server mapping component 144 may display a user interface display Lt; / RTI > The account / server mapping component 144 also allows the user to enter new account information that can be converted into a secure form by the security component 132. For example, the component 132 may encrypt the account information and store it in the mapping 125 (or elsewhere) as a set of security accounts.

2-1 and 2-2 (collectively referred to as FIG. 2) illustrate a flow diagram that illustrates an example of the operation of the account picker system 130 that allows a user to pick an account for authentication. 2A and 2B illustrate examples of user interface displays that may be created on the display device 118 of the mobile device 106. [ 1 to 2B will now be described in relation to one another.

First, with reference to FIG. 2, assume that the user 114 has already entered authentication information for some of the purposes of FIG. The manner in which a user enters account information and associates it with the server is described in more detail below with reference to Figure 3-3f. Now, it is sufficient that the user has already entered account information. The mobile device 106 receives user input indicating that the user desires to access the server system (e.g., server system 102). This is indicated by block 160 in FIG. This can be done in a variety of ways. For example, the user 114 may be attempting to access a document in a document management system disposed on the server system 102. [ This is indicated by block 162. The user 114 may also receive an electronic mail message with a link to the document in the server system 102. This is indicated by block 164. The user 114 may simply attempt to access his account on the server system 102 for other reasons and this is indicated by block 166. [ Of course, the user input 102 for accessing the server system may also be provided in other ways, as indicated by block 168. [

In response, the server system 102 issues an authentication prompt to the user, for example, and prompts the user to enter a user credential or account information for accessing the server. In response, the authentication detector 140 detects, for example, an authentication prompt, which is indicated by block 170 in FIG.

The picking component 142 accesses previously entered account information. This is indicated by block 172. In one embodiment, the picking component 142 includes a mapping 125 in the data store 124 that maps account information to a different server to determine whether the user has already associated any account information with the server system, . For example, the user 114 may associate a subset of his account information with only a given server. In one example, the user 114 may associate a single set of account information with the server. In another example, for example, if a user needs to use a business account to access a particular document, but a personal account is available to access other documents, the user can associate multiple sets of account information with a single server have. In any case, the mapping 125 identifies both a different set of security account information 126-128 associated with the server issuing the authentication prompt, for example.

If there is only one set of account information associated with the server, it is retrieved and used for authentication. This is indicated by blocks 173 and 175.

However, if more than one set of account information is associated with the server, the user can select which set to use for authentication when these sets of account information are retrieved. This is indicated by blocks 177 and 179.

If the user does not associate a set of account information with the server but inputs the account information for another reason, all previously entered account information is retrieved. This is indicated by block 181 in FIG.

In one example, the account filter component 148 filters the set of account information so that only a different set of account information (or credential filtered group) is identified. Applying a filter to obtain a group of filtered credentials is indicated by block 174. Filtering may be performed in a number of different ways using various filter criteria. For example, the account filter component 148 may be configured to filter various sets of account information based on the type of document the user is attempting to access on the server 102. If the type of document is a spreadsheet application, this may indicate that the user 114 needs a set of credentials associated with his business or organizational account to access the document. Accordingly, the filter component 148 may filter the set of account information 126-128 associated with the server 102 to identify only account information corresponding to the business account. This is only an example, and is indicated by block 176. [

In another example, the filter component 148 may filter the account information based on the hosting organization that issued the authentication prompt, the type of server, or a particular application. This is indicated by block 178.

In another example, the authentication detector 140 detects an authentication protocol used by the server that issued the prompt. For example, the protocol may be an open standard authentication protocol or various proprietary protocols or other protocols. In this case, the filter component 148 may filter the account information to identify only information with a credential that can be used with the detected authentication protocol. This is indicated by block 183.

Of course, the filter component 148 may also filter the account information based on other filter criteria. This is indicated by block 180.

The picking component 142 generates a user interface display that displays a set of selectable display elements. In one embodiment, there is a selectable display element corresponding to each of the sets of account information identified by the mapping 125, or corresponding to each set of previously entered account information. In the example in which the filter component 148 applies a filter, a selectable display element is displayed for each set of filtered credentials. Displaying the selectable display element is indicated by block 182 in Fig.

Figures 2a and 2b show two different user interface displays for representing this. For example, FIG. 2A illustrates that a user 114 supports an e-mail server and accesses an e-mail message server system that opens an e-mail message. The message is typically shown on the user interface display 184. The e-mail message itself includes, for example, a link 186 to a word processing document stored on the document management system of the server system 102.

When the user activates the link 186 (e.g., by touching it on the touch sensitive screen or otherwise), the document management system generates, for example, an authentication prompt, which is sent to the authentication detector 140 . In response, the picking component 142 identifies the various accounts the user may select for use in authentication. The picking component 142 then displays a selectable display element corresponding to each identified set of account information. This is shown in Figure 2b.

Figure 2B illustrates a user interface display 188 representing, for example, a set of selectable display elements 190, wherein one selectable display element is associated with each set of account information previously entered by user 114 Respectively. In the example shown in FIG. 2B, each of the display elements has a check box associated with them, so that the user can select one of the sets of account information by selecting the corresponding check box. For example, if the document referenced by link 186 in FIG. 2A is a document in which user 114 enters his job credentials, the user simply clicks on the display element < RTI ID = 0.0 > Can be selected.

When the user 114 selects one of the display elements 190, the picking component 142 retrieves the corresponding account information from the data store 124. The user's selection or operation of a given display element is indicated by block 192 in FIG. 2, and retrieval of account information corresponding to the selected display element is indicated by block 194.

The automatic login component 146 automatically logs into the server system 102 using the retrieved information so that the user 114 can successfully open the document referenced by the link 186. [ Automatically logging in to the server system 102 to access and open the document is indicated by block 196 in FIG.

Referring again to FIG. 2B, if the user 114 wishes to add additional account information for use in accessing the document, the user 114 activates, for example, the user input mechanism 198. In this case, the account picker system 130 directs the user 114 through a user experience that allows the user to do so, for example. The imprint is described in more detail below with respect to Figures 3-3f.

3 illustrates an example of an account management operation, such as the user 114 changing the account he or she is associated with the server system, or initially setting up the account picker system 130 to associate a given set of account information with a given server Which is an example of the operation of the account picker system 130, which is performed when the account collector system 130 is enabled. Figures 3A-3F show examples of different user interface displays representing this. Figures 3 to 3f will now be described with respect to one another.

First, the user 114 assumes that the user provides an appropriate user input to the mobile device 106 indicating that the user desires to associate account information with the server. This is indicated by block 200 of FIG. For example, a user may provide account management inputs to perform account management tasks. This is indicated by block 202. The user can access the settings menu in the application to perform account setting operations. This is indicated by block 204. The user may provide another input indicating that the user wishes to associate account information with the server, which is indicated by block 206.

The account / server mapping component 144 then determines whether the user has entered account information into the device 106, or any of the other devices of the user, such as the user's desktop computer, tablet computer, mobile device, . The information may be stored in a location where this information can be accessed or transmitted to all devices or otherwise available. This is indicated by block 208 in FIG. Otherwise, for example, the user 114 may be requested for account information. This is indicated by block 210. For example, the user may be asked for a user name and password, an email address and password, or many other account information.

The security component 132 then generates a secure representation of the entered account information. This is indicated by block 212. For example, the security component 132 may encrypt information or perform other security operations to generate a secure representation of the information.

Returning to block 208, if the user has already entered the existing account information in the device 106, the picking component 142 retrieves the previously entered account information. This is indicated by block 214.

The picking component 142 displays a list of selectable display elements corresponding to the entered account information. This is indicated by block 216.

The account / server mapping component 144 then receives a user selection input that selects one or more selectable display elements. This is indicated by block 218. The component 144 then associates the selected account or accounts with the server. This is indicated by block 220. For example, it may store a secure representation of the selected account information in the mapping 125 that maps account information to the server in the data store 124. This is indicated by block 222 in FIG. It may associate the selected account or accounts with the server in a different manner, as indicated by block 224.

3A shows an example of a mobile device having a user interface display 226 that may be created when a user performs an account management function. In this example, it is assumed that the user has already entered the existing account information. In this case, the picking component 142 retrieves its account information, displays selectable display elements corresponding to each account, and prompts the user to select a set of accounts that the user wishes to associate with a given one of the set of account information do.

For example, a user may navigate within the application to a settings menu, where the application will display a user input mechanism 228 that can be activated by the user to perform the setting operation. When the user activates this, the account / server mapping component 144 generates a user interface display, such as the user interface display 230 shown in FIG. 3B, for example.

In FIG. 3B, the user interface display 230 can be seen to include, for example, a list of selectable display elements 232, each corresponding to a different set of account information already entered by the user. Display 230 also includes a prompt portion 234 that prompts the user to select, for example, one or more accounts the user wishes to associate with a particular server. Again, if the user wishes to add additional account information, a user input mechanism 236 is provided. The user may activate the mechanism 236 and the account picker system 130 will guide the user through a user experience that allows the user to enter additional account information.

3B, the account / server mapping component 144 associates, for example, the selected account information with the identified server. This can be done in the mapping 125.

Figures 3C-3E illustrate how a user opens an application hosted on one of the server systems 102-104 and navigates through the settings menu with an account settings display that allows a user to associate accounts with servers hosting applications Fig. In the example shown in FIG. 3C, the user has executed a word processing application. Thus, the mobile device of FIG. 3C generates a user interface display as shown at 240, indicating that the mobile device is loading a word processing application.

The application then generates a landing page display, such as the display 242 shown in Figure 3d. In one example, the user may invoke a user input mechanism that allows a user to perform a set operation. For example, a user can activate a menu item in a command bar or ribbon, or the user can slide in a command bar (or window) using a touch gesture. In any case, in one example, the application displays a setting user input mechanism 244 that can be activated by the user to view the account setting user input mechanism 246. [ In the example shown in Figure 3D, the account setting user input mechanism 246 is displayed in the drop down menu when the user activates the setting user input mechanism 244. [

When the user activates the account setting user input mechanism 246, the application displays an account setting display such as, for example, the display 248 shown in FIG. 3E. Again, the picking component 142 accesses all account information previously entered, and responds with a prompt 252 requesting the user to indicate which display element of the display elements the user desires to access the server Displayable element 250 of the display.

Like the display shown in FIG. 3D, the display shown in FIG. 3E also includes a user input mechanism 254. The mechanism 254 allows the user to add a new account if desired.

In any of the examples shown in FIG. 2B, FIG. 3B, or FIG. 3E, if the user accesses the user input mechanism to add a new account, the account picker system 130 displays, for example, Lt; / RTI > The user interface display 256 includes a user input mechanism that allows a user to enter, for example, new account information that the user wishes to associate with the server. In the example shown in FIG. 3F, the user input mechanism includes a user name input mechanism 258 and a password mechanism 260. The user may activate the storage user input mechanism 262. [ This allows the security component 132 to generate a secure representation of account information. The account / server mapping component 144 creates a mapping between the account information and the server.

It will be appreciated that the system not only improves the performance of the mobile device itself, but also improves the performance of the user 114. For example, the system can reveal all previously entered account information, so the user simply needs to select a set of account information without having to re-enter the account information at the time of authentication. In one example, because the system allows a user to associate a number of different sets of account information with a single server, the system can allow all of the different sets of accounts (some of which are not relevant) You can expose relevant account information more quickly than you need to search. For example, a user may have more than 10 different sets of account information. However, since a user may associate a subset of its account information with a given server, the mobile device may display the relevant information to the user more quickly and efficiently when the user logs on to the server or attempts to sign the server.

User performance is greatly improved. For example, a user does not need to repeatedly enter a user name and password or other authentication information, and such repetitive input can be particularly difficult and tiring on small screen devices. Instead, the user can simply select an account from a list of accounts already entered by the user. This greatly improves the user experience and increases the efficiency with which users can access relevant information on various servers.

This description refers to a processor and a server. In one embodiment, the processor and server include a computer processor with associated memory and timing circuitry not separately shown. They are a functional part of the system or device to which they belong or are activated by them and facilitate the functioning of other components or items of the system.

In addition, a number of user interface displays have been described. They can take a variety of forms and can have various other user-operable input mechanisms deployed to them. For example, the operational input mechanism by the user may be a text box, a check box, an icon, a link, a drop-down menu, a search box, and the like. In addition, they can be operated in a variety of ways. For example, they may be operated using a point-and-click device (e.g., a trackball or a mouse). They can be operated using hardware buttons, switches, joysticks or keyboards, thumb switches, or thumb pads. They may also be operated using virtual keyboards or other virtual actuators. Also, if the screen on which they are displayed is a touch sensitive screen, they can be operated using a touch gesture. Also, if the device supports it (e.g., if a natural user interface is used), they may be activated using a three dimensional gesture (e.g., swipe, hover, etc.). Also, if the device displaying them has a speech recognition component, they can be operated using voice commands.

A number of data stores have also been described. They can each be divided into multiple data stores. All data stores can be local to the system that accesses them, all can be remote, or some can be local and others can be remote. All such configurations are contemplated herein.

In addition, the figures show a number of blocks having the function assigned to each block. Fewer blocks can be used and thus the functionality can be performed by fewer components. In addition, more blocks may be used and the functionality may be distributed to more components.

4 is a block diagram of the architecture 100 shown in FIG. 1, except that the components are located in the cloud computing architecture 500. FIG. Cloud computing provides computing, software, data access, and storage services that do not require end-user knowledge of the physical location or configuration of the systems providing the services. In various embodiments, cloud computing delivers services over a wide area network, such as the Internet, using appropriate protocols. For example, a cloud computing provider provides applications over a wide area network and they can be accessed through a web browser or other computing component. The software or components of architecture 100 and corresponding data may be stored in a server at a remote location. Computing resources in a cloud computing environment can be integrated or distributed at remote data center locations. The cloud computing infrastructure can deliver services through a shared data center, even if it is presented to the user as a single point of access. Accordingly, the components and functionality described herein may be provided from a service provider at a remote location using a cloud computing architecture. Alternatively, they may be provided from an existing server, or installed directly or otherwise in the client device.

The description tries to include both public cloud computing and personal cloud computing. Cloud computing (both public and private) not only reduces the need to manage and configure the underlying hardware infrastructure, but also provides a virtually seamless pool of resources.

Public clouds are managed by vendors and typically support a large number of consumers using the same infrastructure. Also, unlike a private cloud, using a public cloud does not require the end user to manage the hardware. The personal cloud can be managed by the organization itself, and the infrastructure is generally not shared with other organizations. The organization maintains hardware to some extent, including installation and repair.

In the example shown in Figure 4, some items are similar to those shown in Figure 1 and numbered similarly. Figure 4 specifically shows that the server system 102-104 can be located in the cloud 502 (which may be public, private, or some combination of which is public and some others are private). Thus, the user 114 accesses these systems through the cloud 502 using the mobile device 106.

Figure 4 shows another example of a cloud architecture. Figure 4 shows that some elements of architecture 100 are placed in cloud 502 but some of the elements are not deployed. For example, a data store 506 for one or more server systems may be located outside the cloud 502 and accessed through the cloud 502. In another example, the account picker system 130 may be located outside the cloud 502. Regardless of where the data repository is located, they can be accessed directly by the device 106 and via a network (wide area network or local area network), which can be hosted at a remote location by the service, It can be provided as a service through the cloud, or it can be accessed by a connection service that resides in the cloud. All of these architectures are contemplated herein.

In addition, the architecture 100, or portions thereof, may be located in a variety of different devices. Some of these devices include servers, desktop computers, laptop computers, tablet computers, or other mobile devices such as palmtop computers, cell phones, smart phones, multimedia players, personal digital assistants and the like.

5 is a simplified block diagram of one exemplary embodiment of a handheld or mobile computing device that may be used as a handheld or mobile device 16 of a user or client on which the system (or portion thereof) may be deployed . 6-7 are examples of handheld or mobile devices.

FIG. 5 provides a general block diagram of the components of client device 16 that may or may not interact with components of architecture 100, or both. In the device 16, a handheld device allows communication with other computing devices, and in some embodiments a communication link 13 is provided that provides a channel for automatically receiving information, e.g., via scanning. Examples of communication links 13 include, but are not limited to, cable network ports such as infrared ports, serial / USB ports, Ethernet ports, and General Packet Radio Service (GPRS), LTE, HSPA, HSPA + and other 3G and 4G wireless protocols, Includes a wireless network port that enables communication over one or more communication protocols, including short message service, wireless service used to provide cellular access to the network, WiFi protocol, and Bluetooth protocol that provides a short-range wireless connection to the network do.

In another embodiment, an application or system is received at a removable secure digital (SD) card reception connected to the SD card interface 15. [ The SD card interface 15 and the communication link 13 are connected to a memory 21 and an input / output (I / O) component 23 and a bus 19 connected to the clock 25 and the position system 27 (Which may also implement processor 116 from Figure 1).

In one embodiment, the I / O component 23 is provided to facilitate input and output operations. I / O components for various embodiments of the device 16 may include input components such as buttons, touch sensors, multi-touch sensors, optical or video sensors, voice sensors, touch screens, proximity sensors, microphones, tilt sensors, , A display device, a speaker, and / or an output component such as a printer port. Other I / O components may be used.

Clock 25 includes a real-time clock component for outputting, for example, time and date. Clock 25 may also provide a timing function for processor 17, for example.

The location system 27 includes, for example, a component that outputs the current geographic location of the device 16. This may include, for example, a satellite positioning system (GPS) receiver, a LORAN system, a speculative navigation system, a cellular triangulation system or other positioning system. It may also include, for example, mapping software or navigation software that produces the desired map, navigation root, and other geographic functionality.

The memory 21 stores the operating system 29, the network settings 31, the applications 33, the application configuration settings 35, the data store 37, the communication driver 39 and the communication configuration settings 41 . Memory 21 may include any type of volatile and non-volatile computer readable memory device of a type. It may also include computer storage media (discussed below). The memory 21 stores computer-readable instructions that, when executed by the processor 17, cause the processor to perform a computer-implemented step or function in accordance with the instructions. Similarly, the device 16 may include a client system 24 that may be capable of executing various business applications or implementing some or all of the tenants 104. The processor 17 may be activated by other components to facilitate their functioning as well.

Examples of the network settings 31 include proxy information, Internet connection information, and mapping. Application configuration settings 35 include settings to customize applications for a particular enterprise or user. The communication configuration settings 41 provide parameters for communicating with other computers and include items such as GPRS parameters, SMS parameters, connection user names and passwords.

The application 33 may be part of the operating system 29 or hosted outside the device 16 but the application 33 may be an application previously stored on the device 16 or an application installed during use .

6 shows an example in which the device 16 is a tablet computer 600. Fig. In FIG. 6, a computer 600 having a user interface display screen 602 is shown. The screen 602 can be a touch screen (thus, a touch gesture from the user's finger is used to interact with the application) or a pen-based interface that receives input from a pen or stylus. It can also use an on-screen virtual keyboard. Of course, it may also be attached to a keyboard or other user input device via a suitable attachment mechanism, such as, for example, a wireless link or a USB port. Computer 600 may also receive voice input, for example.

Additional embodiments of the device 16 may also be used. The device 16 may be a feature phone, a smart phone or a mobile phone. The telephone includes a set of keypads for entering telephone numbers, an application image, an icon, a web page, an image containing a picture, and a display capable of displaying video and control buttons for selecting items displayed on the display . The phone may include a cellular telephone signal such as General Packet Radio Service (GPRS) and lXrtt, and an antenna for receiving a short message service (SMS) signal. In some embodiments, the phone also includes a secure digital (SD) card slot that accepts an SD card.

The mobile device may be a personal digital assistant (PDA) or a multimedia player or a tablet computing device (hereinafter referred to as a PDA). The PDA may include a guidance screen that senses the position of the stylus (or another pointer, such as a user's finger) when the stylus is positioned on the screen. This allows the user to select, highlight, and move items on the screen, as well as to draw and record. The PDA allows a user to scroll through menu options or other display options that are displayed on the display and also includes a number of user input keys that allow the user to change applications or select user input functions without touching the display Button. The PDA may also include an internal antenna to enable wireless communication with another computer and an access port to enable hardware connections to the infrared transmitter / receiver and other computing devices. This hardware connection is typically made through a cradle that connects to another computer through a serial or USB port. As such, this connection is not a network connection.

Fig. 7 shows an example in which the telephone is a smartphone 71. Fig. The smartphone 71 includes a touch sensitive display 73 that displays an icon or tile or other user input mechanism 75. The mechanism 75 may be used by a user to run applications, make phone calls, perform data transfer operations, and so on. Generally, the smartphone 71 is built on a mobile operating system and provides advanced computing and connectivity capabilities over feature phones.

Other forms of device 16 are possible.

FIG. 8 is an embodiment of a computing environment in which an architecture 100 or a portion thereof (e.g., may be deployed). 8, an exemplary system for implementing some embodiments includes a general purpose computing device in the form of a computer 810. [ The components of computer 810 may include a processing unit 820, a system memory 830, and a system memory 820 connected to the processing unit 820 (which may include processor 116 or ones within server system 102-104) But is not limited to, a system bus 821 that couples various system components, including, The system bus 821 may have some type of bus structure, including a memory bus or memory controller, a peripheral bus, and a local bus using a variety of bus architectures. By way of example, and not limitation, such architectures may be referred to as Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, Peripheral component interconnect (PCI) bus. The memory and the program described in connection with Fig. 1 may be placed in corresponding portions of Fig.

Computer 810 typically includes a variety of computer readable media. Computer readable media can be any available media that can be accessed by computer 810 and include volatile media and non-volatile media, removable and non-removable media. By way of example, and not limitation, computer readable media may comprise computer storage media and communication media. The computer storage medium is different from and does not include a modulated data signal or carrier. Computer storage media includes hardware storage media including volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data do. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disk (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, But is not limited to, any other medium that can be used to store information and which can be accessed by computer 810. [ Communication media typically embodies computer readable instructions, data structures, program modules or other data in a transport mechanism and includes any information delivery media. The term "modulated data signal" means a signal that sets or modifies one or more of its properties to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Any combination of the above should also be included within the scope of computer readable media.

The system memory 830 includes computer storage media in the form of volatile and / or nonvolatile memory such as read only memory (ROM) 831 and random access memory (RAM) 832. [ A basic input / output system 833 (BIOS), containing the basic routines that help to transfer information between elements within the computer 810, for example, during start-up, is typically stored in ROM 831. The RAM 832 typically includes data and / or program modules that are immediately accessible to and / or presently being operated on by the processing unit 820. By way of example, and not limitation, FIG. 8 illustrates operating system 834, application programs 835, other program modules 836, and program data 837.

Computer 810 may also include other removable / non-removable, volatile / non-volatile computer storage media. By way of example only, FIG. 8 illustrates a hard disk drive 841 that reads from or writes to a non-volatile, volatile magnetic medium, and a removable, non-removable optical disk 856, such as a CD ROM or other optical media, Optical disk drive 855 is shown. Other removable / non-removable, volatile / nonvolatile computer storage media that may be used in the exemplary operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, DVDs, digital video tape, solid state RAM, Do not. The hard disk drive 841 is typically connected to the system bus 821 via a non-removable memory interface such as interface 840 and the optical disk drive 855 is typically connected via a removable memory interface such as interface 850 And is connected to the system bus 821.

Optionally, or in addition, the functions described herein may be performed, at least in part, by one or more hardware logic components. Exemplary types of hardware logic components that may be used include, but are not limited to, field programmable gate arrays (FPGAs), program specific integrated circuits (ASICs), program specific standard products (of the ASSP), system on chip systems (SOC) , A compound programmable logic device (CPLD), and the like.

The drives and their associated computer storage media described and illustrated above in FIG. 8 provide for the storage of computer readable instructions, data structures, program modules, and other data for the computer 810. In FIG. 8, for example, hard disk drive 841 is shown storing operating system 844, application programs 845, other program modules 846, and program data 847. These components may be the same as or different from operating system 834, application programs 835, other program modules 836, and program data 847. Operating system 844, application programs 845, other program modules 846, and program data 847 are given different numbers to indicate, at a minimum, that they are different copies.

A user may enter commands and information into the computer 810 via input devices such as, for example, a keyboard 862, a microphone 863, and a pointing device 861 such as a mouse, trackball or touch pad. Other input devices (not shown) may include joysticks, game pads, satellite dishes, scanners, and the like. These and other input devices are often connected to the processing unit 820 via a user input interface 860 connected to the system bus, but may be connected by other interfaces and bus structures, such as a parallel port, a game port, or a universal serial bus . A visual display 891 or other type of display device is also connected to the system bus 821 via an interface, such as a video interface 890. [ In addition to the monitor, the computer may also include other peripheral output devices such as a speaker 897 and printer 896, which may be connected via an output peripheral interface 895. [

The computer 810 operates in a networked environment using logical connections to one or more remote computers, such as a remote computer 880, for example. The remote computer 880 may be a personal computer, a handheld device, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above for the computer 810 . The logical connections depicted in FIG. 8 include a local area network (LAN) 871 and a wide area network (WAN) 873, but may also include other networks. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets, and the Internet.

When used in a LAN networking environment, the computer 810 is connected to the LAN 871 through a network interface or adapter 870. When used in a WAN networking environment, the computer 810 typically includes a modem 872 or other means for establishing communications over the WAN 873, such as the Internet. A modem 872, which may be internal or external, may be coupled to the system bus 821 via a user input interface 860 or other appropriate mechanism. In a networked environment, program modules depicted relative to the computer 810, or portions thereof, may be stored in a remote memory storage device. By way of example, and not limitation, FIG. 8 illustrates a remote application program 885 residing on a remote computer 880. It will be appreciated that the network connections shown are exemplary and other means of establishing a communication link between the computers may be used.

It should also be noted that the different embodiments described herein may be combined in various ways. That is, portions of one or more embodiments may be combined with portions of one or more other embodiments. All of which are contemplated herein.

Example 1 is a mobile device,

An authentication detector for detecting an authentication prompt from the server;

A picking component that identifies any set of previously entered authentication information and displays a selectable display element corresponding to each identified set of authentication information;

And a login component that receives the user selection input selecting the display element and automatically responds to the authentication prompt from the server using the authentication information corresponding to the selected display element.

 Example 2 is the mobile device of Example 1 further comprising an account filter component for filtering the set of authentication information on which the selectable display element is displayed based on a filter criteria.

Example 3 is a mobile device of any or all of examples 1 and 2 wherein the mobile device receives an authentication prompt in response to the mobile device attempting to access an item on the server and the account filter component Filter the authentication information set.

Example 4 is a mobile device of any or all of Examples 1 to 3 wherein the mobile device receives an authentication prompt in response to the mobile device attempting to access an item on the server and the account filter component is based on the nature of the authentication information To filter authentication information sets.

Example 5 is a mobile device of any or all of examples 1 through 4, wherein the mobile device is a mapping component that generates a user interface display with a user input device operable to associate a previously entered set of authentication information with a server .

Example 6 is a mobile device of any or all of Examples 1 to 5, wherein the mapping component identifies all sets of previously entered authentication information and includes a list of selectable display elements corresponding to a previously entered set of authentication information With an associated prompt that prompts the user to select a display element to be associated with the server.

Example 7 is any or all of the examples mobile devices of Examples 1-6, wherein the mapping component receives a user-selected input for selecting from a list in a selectable display element, and the previously entered authentication information corresponding to the selected display element Create a map entry to map to the server.

Example 8 is any or all of the examples mobile devices of Examples 1-7, wherein the mapping component generates a user interface display with a new information entry mechanism that operates to input new authentication information and map it to the server.

Example 9 is a mobile device of any or all of Examples 1 to 8 further comprising a security component for generating an encrypted representation of the new authentication information, And generates a map entry that maps the authentication information to the server.

Example 10 is a mobile device of any or all of Examples 1 to 6, wherein the mobile device further comprises a data store for storing mappings with map entries.

Example 11 is a method,

Detecting an authentication prompt from the server;

Displaying a plurality of selectable display elements, each corresponding to a previously entered set of account information;

Receiving a user selection input for selecting a given display element;

And automatically responding to the authentication prompt using a set of account information corresponding to a given display element.

Example 12 is the method of Example 11, wherein displaying a plurality of selectable display elements

Accessing a mapping between an account information set and a server to identify which of the sets of account information is mapped to the server;

And displaying one of the selectable display elements for each identified set of account information.

Example 13 is a method of any or all of Examples 11 and 12,

Displaying an associated user input mechanism operative to associate a previously entered set of account information with a server;

And creating a mapping between the set of account information previously entered and the server.

Example 14 is a method of any or all of Examples 11 to 13,

Inputting a new set of account information and displaying a new account user input mechanism operative to associate the new set of account information with the server;

And creating a mapping between the new set of account information and the server.

Example 15 is a method of any or all of Examples 11-14, wherein the step of generating a mapping

Creating a secure representation of new account information;

And generating a mapping using the secure representation of the new account information.

Example 16 is a mobile device,

A mapping component for generating a mapping user interface display having a mapping user input mechanism operative to identify a plurality of sets of previously entered authentication information and to map a subset of a plurality of sets of previously entered authentication information to a server;

Detecting an authentication prompt from a server, accessing a mapping, and displaying a picker user interface display having a plurality of selectable display elements, wherein the different selectable display elements correspond to each identified set of previously entered authentication information in a subset Lt; RTI ID = 0.0 > a < / RTI >

Example 17 is the mobile device of Example 16, in which the picker system

An automatic login component that obtains authentication information corresponding to a selected one of the different selectable display elements and automatically responds to the detected authentication prompt using the obtained authentication information.

Example 18 is a moving device of any or all of the examples 16 and 17,

Further comprising a filter component for filtering previously entered authentication information sets in the subset based on the filter criteria to obtain an identified set of previously entered authentication information in the subset, Lt; RTI ID = 0.0 > a < / RTI > selected set of authentication information.

Example 19 is any or all of the examples mobile devices of Examples 16-18, wherein the mobile device further comprises a data store for storing the mappings.

Example 20 is any or all of the examples mobile devices of Examples 16 through 19 wherein the mapping component generates a new account entry display with a user input mechanism operative to input authentication information for the new account and map it to the server, The mobile device further includes a security system for encrypting authentication information for the new account to obtain the encrypted authentication information, wherein the mapping component uses the encrypted authentication information to create a mapping between the new account and the server.

While the invention has been described in language specific to structural features and / or methodical acts, it is to be understood that the invention defined in the appended claims is not necessarily limited to the specific features or acts described above. On the contrary, the specific features and acts described above are disclosed as exemplary forms of implementing the claims.

Claims (15)

As a mobile device,
An authentication detector for detecting an authentication prompt from the server,
A picking component for identifying a previously entered arbitrary set of authentication information and displaying a selectable display element corresponding to each identified set of authentication information;
A login component that receives a user selection input for selecting a display element and automatically responds to the authentication prompt from the server using authentication information corresponding to the selected display element
≪ / RTI > The method according to claim 1,
Further comprising an account filter component for filtering the set of authentication information on which the selectable display element is displayed based on a filter criterion
Mobile device. 3. The method of claim 2,
Wherein the authentication detector detects an authentication protocol corresponding to the authentication prompt and the account filter component is configured to filter the authentication information sets based on the authentication protocol
Mobile device. 3. The method of claim 2,
Wherein the mobile device receives the authentication prompt in response to the mobile device attempting to access an item on the server and the account filter component is configured to filter the authentication information sets based on the type of item
Mobile device. 3. The method of claim 2,
Wherein the mobile device receives the authentication prompt in response to the mobile device attempting to access an item on the server and the account filter component is configured to filter the authentication information sets based on the characteristics of the authentication information
Mobile device. The method according to claim 1,
Further comprising a mapping component for generating a user interface display having a user input mechanism operative to associate a previously entered set of authentication information with the server
Mobile device. The method according to claim 6,
Wherein the mapping component identifies a plurality of previously entered sets of authentication information associated with the server and the picking component displays the selectable display element corresponding to the previously entered plurality of sets of authentication information associated with the server
Mobile device. The method according to claim 6,
Wherein the mapping component generates a user interface display having a new information input mechanism operable to input new authentication information and map it to the server
Mobile device. 9. The method of claim 8,
Further comprising a security component that generates an encrypted representation of the new authentication information, wherein the mapping component uses the encrypted representation to generate a map entry that maps the new authentication information to the server
Mobile device. Detecting an authentication prompt from the server;
Displaying a plurality of selectable display elements, each corresponding to a set of account information;
Receiving a user selection input for selecting a given display element,
Automatically responding to the authentication prompt using the account information set corresponding to the given display element
≪ / RTI > 11. The method of claim 10,
Further comprising identifying each set of account information as previously entered account information. 11. The method of claim 10,
Wherein displaying the plurality of selectable display elements comprises:
Accessing a mapping between the account information set and the server to identify a plurality of different sets of account information mapped to the server;
And displaying one of the selectable display elements for each identified set of account information
Way. 11. The method of claim 10,
Displaying an associated user input mechanism operative to associate a previously entered set of account information with the server;
Further comprising generating a mapping between the account information set previously entered and the server. 11. The method of claim 10,
Inputting a new set of account information and displaying a new account user input mechanism operative to associate the new set of account information with the server;
Generating a secure representation of the new account information;
Further comprising generating a mapping between the secure representation of the new account information and the server. As a mobile device,
A first component that identifies a plurality of previously entered sets of authentication information,
The method comprising: detecting an authentication prompt from a server and accessing the first component, the plurality of selectable display elements - the different selectable display elements corresponding to each identified set of previously entered authentication information; A picker system for displaying a display,
An automatic login component that obtains authentication information corresponding to a selected one of the different selectable display elements and automatically responds to the detected authentication prompt using the obtained authentication information
≪ / RTI >

Images